Zscaler Significantly Expands Global Sovereignty on Zero Trust Exchange Platform

Rhea-AI Summary

Zscaler (NASDAQ: ZS) expanded data sovereignty capabilities on its Zero Trust Exchange on March 12, 2026, adding new regional control-plane deployments and a forthcoming Canada rollout. Highlights include in-region SSL inspection, private service edge options, regional logging, HSM key control, and a decentralized control/data/logging architecture.

The company says this enables local regulatory compliance without compromising global performance, uptime, or resilience across its 160+ data centers.

Key Figures

Global data centers: 160+ data centers Logging plane regions: 6 countries Q2 FY2026 revenue: $815.8M +5 more

8 metrics

Global data centers 160+ data centers Existing Zscaler cloud footprint mentioned in sovereignty expansion release

Logging plane regions 6 countries Dedicated logging plane already deployed across multiple jurisdictions

Q2 FY2026 revenue $815.8M Quarter ended Jan 31, 2026 (10-Q and 8-K)

Revenue growth 26% YoY Fiscal Q2 2026 vs prior year (8-K)

ARR $3,359M Fiscal Q2 2026 annual recurring revenue (8-K)

Non-GAAP op margin 22% Fiscal Q2 2026 non-GAAP operating margin (8-K)

Free cash flow $169.1M Fiscal Q2 2026 free cash flow (8-K)

Acquisition consideration $692.0M Aggregate for Red Canary, SPLX, SquareX (earnings release)

Market Reality Check

Price: $153.81 Vol: Volume 2,475,620 vs 20-da...

low vol

$153.81 Last Close

Volume Volume 2,475,620 vs 20-day average 3,655,898 (relative volume 0.68) ahead of this sovereignty update. low

Technical Shares at $153.81, well below 200-day MA of $262.23 and 54.36% under the $336.99 52-week high, sitting 9.43% above the $140.5601 52-week low.

Peers on Argus

ZS fell 1.79% while key peers were mixed: FTNT -0.97%, MDB -1%, XYZ -2%, but NET...

ZS fell 1.79% while key peers were mixed: FTNT -0.97%, MDB -1%, XYZ -2%, but NET gained 2.27% and NTAP rose 0.29%. With no peers in the momentum scanner and no same-day peer headlines, the move looks more company-specific than a broad software rotation.

Historical Context

5 past events · Latest: Feb 26 (Positive)

Pattern 5 events

Date	Event	Sentiment	Move	Catalyst
Feb 26	Earnings and guidance	Positive	-12.2%	Strong Q2 results and higher ARR guidance to <b>24%</b> but shares sold off.
Feb 19	Investor conferences	Neutral	-1.8%	Announcement of multiple upcoming investor conference appearances and webcasts.
Feb 05	Security acquisition	Positive	-1.2%	Acquisition of SquareX to extend Zero Trust browser security for AI era.
Feb 05	Earnings call notice	Neutral	-8.8%	Scheduling of Q2 FY2026 earnings release and investor conference call.
Jan 27	AI security launch	Positive	+2.4%	Launch of Zscaler AI Security Suite to secure enterprise AI adoption.

Pattern Detected

Recent positive product and earnings news often coincided with negative price reactions, indicating a pattern of selling into strong fundamentals and guidance.

Recent Company History

Over the last few months, Zscaler has reported strong growth, with Q2 FY2026 revenue of $815.8M and ARR up 25% to $3,359M, while raising full-year ARR guidance to 24%. Despite this, shares fell 12.17% after earnings and declined around other positive updates, including AI security innovations and the SquareX acquisition. The current expansion of data sovereignty and control-plane capabilities builds on this strategy of deepening the Zero Trust Exchange platform for complex, regulated enterprises.

Market Pulse Summary

This announcement highlights Zscaler’s push to enhance digital sovereignty by extending localized co...

Analysis

This announcement highlights Zscaler’s push to enhance digital sovereignty by extending localized control, data, and logging planes across its 160+ data centers. Features like in-region SSL inspection, Private Service Edges, and HSM-based key control aim to address complex GDPR and NIS2 compliance needs. Set against recent strong Q2 results of $815.8M revenue and $3,359M ARR, investors may watch how these sovereignty capabilities drive large regulated-enterprise adoption and reinforce the Zero Trust Exchange roadmap.

Key Terms

control plane, hardware security modules (hSMs), gdpr, nis2

4 terms

control plane technical

"fully isolated control, data, and logging planes—distinct layers and separation"

The control plane is the part of a computer network or cloud system that makes and enforces decisions about where data goes, how services are configured, and which security rules apply—think of it as the system’s air-traffic control. It matters to investors because a reliable, secure and scalable control plane determines how well a company’s digital services perform, how easily they grow, and how costly or risky operations and compliance can be, affecting revenue and valuation.

hardware security modules (hSMs) technical

"Full control over encryption keys via integration with hardware security modules (HSMs)"

Hardware security modules (HSMs) are dedicated physical devices that securely generate, store and use cryptographic keys, keeping those keys isolated from general-purpose servers and software to prevent theft or tampering. For investors, HSMs matter because they lower the risk of costly data breaches, regulatory penalties and transaction fraud—think of them as a high-security vault for a company's digital keys that helps protect revenue, reputation and valuation.

gdpr regulatory

"validation for GDPR, NIS2, and DoD IL5."

General Data Protection Regulation is a law that sets rules for how organizations must collect, store and use personal data about people, and gives individuals rights over that data. It matters to investors because noncompliance can lead to large fines, higher operating costs and damaged reputation, while strong compliance can be a competitive advantage—think of it as a strict safety code for handling customer information.

nis2 regulatory

"validation for GDPR, NIS2, and DoD IL5."

NIS2 is a European Union cybersecurity law that sets mandatory rules for how many businesses and public organizations must protect their networks, report cyber incidents, and undergo checks. Think of it as a requirement to install stronger locks, keep a log of any break-ins, and show auditors the keys; for investors, compliance affects a company’s legal risk, operating costs and reputation, and can influence future cash flow and valuation.

AI-generated analysis. Not financial advice.

New Regions and Enhanced Local Control Plane Allow Enterprises to Navigate Complex Global Regulations Without Sacrificing Speed, Security or Uptime

SAN JOSE, Calif., March 12, 2026 (GLOBE NEWSWIRE) -- Zscaler, Inc. (NASDAQ: ZS), the leader in cloud security, today announced a significant expansion of its data sovereignty capabilities globally, powered by the Zscaler Zero Trust Exchange™ cloud security platform. As organizations increasingly demand the ability to independently manage digital assets while complying with local laws, Zscaler continues to invest in providing an industry-leading solution that eliminates the trade-off between global performance and strict local compliance.

For global enterprises, the conflict between protecting data and enabling cross-border collaboration is a major compliance and business challenge to growth. Zscaler already operates 160+ data centers and is present in most countries. Its architecture is based on fully isolated control, data, and logging planes—distinct layers and separation for management, traffic inspection, and record-keeping to ensure sensitive data never leaves its required jurisdiction enabling customers to maintain complete authority over their data. Running a control plane in a country is more complex than just data and logging planes. Zscaler addressed this early on and built a dedicated US & European control plane along with a dedicated logging plane in six different countries. We are now actively extending this functionality to several new regions, with a forthcoming deployment in Canada.

Achieving True Digital Sovereignty: Local Authority, Global Scale
Zscaler resolves the critical conflict between local data protection and global collaboration through a truly decentralized architecture that offers a distinct advantage over alternatives that still rely on shared, global control planes. To further deepen this local authority, Zscaler has introduced:

• In-Region SSL Inspection & Malware Analysis: Decrypts and inspects encrypted traffic locally to stop hidden threats, ensuring that sensitive data and files never leave the jurisdiction for analysis.
• Certified On-Premises Flexibility: Options for customers to leverage Private Service Edges (single-tenant, customer-hosted, and Zscaler-managed appliances) to meet specific hardware certification requirements.
• Region-Specific Support: Dedicated technical teams to help CIOs interpret national regulations and configure services appropriately.
  
  

Customer-Controlled Security and Compliance
To support the enterprises’ and organizations’ mandates for audit-ready security, Zscaler’s commitment to digital sovereignty is backed by rigorous third-party validation. Independent assessments verify that the platform encrypts and decrypts traffic without writing data to disk, ensuring absolute confidentiality when it comes to sensitive data handling. Key compliance capabilities include:

• Total Data Ownership: Full control over encryption keys via integration with hardware security modules (HSMs), ensuring only authorized parties can decrypt traffic.
• Unified Compliance Acceleration: Leverages a “Collect Once, Certify All” framework that maps a single set of security controls to overlapping regulatory requirements, significantly speeding up validation for GDPR, NIS2, and DoD IL5.
• Flexible Logging: Options for regional or on-premises log storage to support strict regional compliance and customer policies.
  
  

Turning Resilience into Business Continuity
Unlike providers whose core security services are reliant on third-party infrastructure, Zscaler owns and operates its own cloud, ensuring that an outage at any single data center does not impact overall service availability. This architecture allows major financial institutions to conduct firedrills and real world exercises, validating that the platform cannot become a single point of failure.

“The true measure of a security cloud isn’t just global performance, but its ability to adapt to local realities,” said Misha Kuperman, Chief Reliability Officer at Zscaler. “Effective data sovereignty requires customers to have verified authority over their data residency, telemetry and control data plane data. By separating control, data, and logging planes with a decentralized architecture, Zscaler enables customers to align with strict local sovereignty requirements while maintaining the resilience and availability needed for global business continuity.”

For more information, please read our blog, Digital Sovereignty That Works in Practice: Local Control, Global Resilience.

About Zscaler
Zscaler (NASDAQ: ZS) is a pioneer and global leader in zero trust security. The world’s largest businesses, critical infrastructure organizations, and government agencies rely on Zscaler to secure users, branches, applications, data & devices, and to accelerate digital transformation initiatives. Distributed across 160+ data centers globally, the Zscaler Zero Trust Exchange™ platform combined with advanced AI combats billions of cyber threats and policy violations every day and unlocks productivity gains for modern enterprises by reducing costs and complexity.

Forward-Looking Statements
This press release contains forward-looking statements that are based on our management's beliefs and assumptions and on information currently available to our management. These forward-looking statements include the expected benefits of our data sovereignty capabilities and the solutions and protections offered to our customers. These forward-looking statements are subject to the safe harbor provisions created by the Private Securities Litigation Reform Act of 1995. A significant number of factors could cause actual results to differ materially from statements made in this press release, including those factors related to our ability to successfully integrate new features of our product offerings into our AI Security portfolio and the business impact additional offerings may have for our customers.
Additional risks and uncertainties are set forth in our most recent Quarterly Report on Form 10-Q filed with the Securities and Exchange Commission (“SEC”) on February 26, 2026, which is available on our website at ir.zscaler.com and on the SEC's website at www.sec.gov. Any forward-looking statements in this release are based on the limited information currently available to Zscaler as of the date hereof, which is subject to change, and Zscaler will not necessarily update the information, even if new information becomes available in the future.

Media Contact
Taylor Dunton, Sr. Director of Global Public Relations, press@zscaler.com

FAQ

What did Zscaler (ZS) announce on March 12, 2026 about data sovereignty?

Zscaler announced expanded global data sovereignty with new regional control-plane deployments and a forthcoming Canada rollout. According to Zscaler, this adds in-region SSL inspection, private service edge options, regional logging, and HSM key control to support local compliance.

How does Zscaler's Zero Trust Exchange ensure data remains within a jurisdiction for ZS customers?

Zscaler separates control, data, and logging planes to keep data and telemetry local when required. According to Zscaler, this architecture plus in-region SSL inspection and regional log storage prevents sensitive data from leaving the jurisdiction.

What are Zscaler's options for customers needing certified on-premises hardware (ZS)?

Zscaler offers Private Service Edges: single-tenant, customer-hosted, and Zscaler-managed appliances for hardware certification needs. According to Zscaler, these options let customers meet local certification and deployment requirements while retaining control.

Does Zscaler (ZS) provide customer control over encryption keys and logs for compliance?

Yes. Zscaler supports full data ownership via HSM integration and flexible regional or on-premises log storage. According to Zscaler, these controls help enterprises meet GDPR, NIS2, and DoD IL5 validation requirements.

How does Zscaler claim its architecture affects resilience and business continuity for ZS customers?

Zscaler says it owns and operates its cloud to avoid single-point-of-failure dependence on third-party infrastructure. According to Zscaler, this design preserves service availability during individual data center outages and supports continuity testing by customers.